1、安装Docker
# 安装Docker
https://docs.docker.com/get-docker/
# 安装Docker Compose
https://docs.docker.com/compose/install/
# CentOS安装Docker
https://mp.weixin.qq.com/s/nHNPbCmdQs3E5x1QBP-ueA2、安装SearXNG
详见:
https://docs.searxng.org/admin/installation-docker.html
https://github.com/searxng/searxng-docker创建目录:
mkdir searxng
cd searxng下载:
wget https://github.com/searxng/searxng-docker/archive/refs/heads/master.zip解压:
# 安装zip、unzip
# yum install -y zip unzip
# 解压
unzip master.zip切换目录:
cd searxng-docker-master查看.env文件:
# By default listen on https://localhost
# To change this:
# * uncomment SEARXNG_HOSTNAME, and replace <host> by the SearXNG hostname
# * uncomment LETSENCRYPT_EMAIL, and replace <email> by your email (require to create a Let's Encrypt certificate)
# SEARXNG_HOSTNAME=<host>
# LETSENCRYPT_EMAIL=<email>备份.env文件:
cp .env .env-bak修改.env文件:
# 指定域名或ip,
# 假设当前ip为192.168.186.128,端口3000,供外网访问
sed -i 's/# SEARXNG_HOSTNAME=<host>/SEARXNG_HOSTNAME=http:\/\/192.168.186.128:3000/g' .env查看Caddyfile文件:
{
admin off
log {
output stderr
format filter {
# Preserves first 8 bits from IPv4 and 32 bits from IPv6
request>remote_ip ip_mask 8 32
request>client_ip ip_mask 8 32
# Remove identificable information
request>remote_port delete
request>headers delete
request>uri query {
delete url
delete h
delete q
}
}
}
servers {
client_ip_headers X-Forwarded-For X-Real-IP
# Allow the following IP to passthrough the "X-Forwarded-*" headers to SearXNG
# https://caddyserver.com/docs/caddyfile/options#trusted-proxies
trusted_proxies static private_ranges
trusted_proxies_strict
}
}
{$SEARXNG_HOSTNAME}
tls {$SEARXNG_TLS}
encode zstd gzip
@api {
path /config
path /healthz
path /stats/errors
path /stats/checker
}
@static {
path /static/*
}
@imageproxy {
path /image_proxy
}
header {
# CSP (https://content-security-policy.com)
Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self' https:; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self'; img-src * data:; frame-src https:;"
# Disable browser features
Permissions-Policy "accelerometer=(),camera=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()"
# Only allow same-origin requests
Referrer-Policy "same-origin"
# Prevent MIME type sniffing from the declared Content-Type
X-Content-Type-Options "nosniff"
# Comment header to allow indexing by search engines
X-Robots-Tag "noindex, nofollow, noarchive, nositelinkssearchbox, nosnippet, notranslate, noimageindex"
# Remove "Server" header
-Server
}
header @api {
Access-Control-Allow-Methods "GET, OPTIONS"
Access-Control-Allow-Origin "*"
}
route {
# Cache policy
header Cache-Control "no-cache"
header @static Cache-Control "public, max-age=30, stale-while-revalidate=60"
header @imageproxy Cache-Control "public, max-age=3600"
}
# SearXNG
reverse_proxy localhost:8080备份Caddyfile文件:
cp Caddyfile Caddyfile-bak修改Caddyfile文件:
sed -i 's/admin off/#admin off\n http_port 3000\n auto_https off/g' Caddyfile
sed -i 's/tls {$SEARXNG_TLS}/#tls {$SEARXNG_TLS}/g' Caddyfile
sed -i 's/Content-Security-Policy/#Content-Security-Policy/g' Caddyfile查看searxng/settings.yml文件:
# see https://docs.searxng.org/admin/settings/settings.html#settings-use-default-settings
use_default_settings: true
server:
# base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml
secret_key: "ultrasecretkey" # change this!
limiter: false # enable this when running the instance for a public usage on the internet
image_proxy: true
redis:
url: redis://redis:6379/0备份searxng/settings.yml文件:
cp searxng/settings.yml searxng/settings.yml-bak修改searxng/settings.yml文件:
sed -i "s/ultrasecretkey/$(openssl rand -hex 32)/g" searxng/settings.yml
sed -i "s/redis:6379/searxng-redis:6379/g" searxng/settings.yml查看docker-compose.yaml文件:
version: "3.7"
services:
caddy:
container_name: caddy
image: docker.io/library/caddy:2-alpine
network_mode: host
restart: unless-stopped
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- caddy-data:/data:rw
- caddy-config:/config:rw
environment:
- SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost}
- SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
redis:
container_name: redis
image: docker.io/valkey/valkey:8-alpine
command: valkey-server --save 30 1 --loglevel warning
restart: unless-stopped
networks:
- searxng
volumes:
- valkey-data2:/data
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
searxng:
container_name: searxng
image: docker.io/searxng/searxng:latest
restart: unless-stopped
networks:
- searxng
ports:
- "127.0.0.1:8080:8080"
volumes:
- ./searxng:/etc/searxng:rw
- searxng-data:/var/cache/searxng:rw
environment:
- SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
networks:
searxng:
volumes:
caddy-data:
caddy-config:
valkey-data2:
searxng-data:备份docker-compose.yaml文件:
cp docker-compose.yaml docker-compose.yaml-bak修改docker-compose.yaml文件:
services:
caddy:
container_name: searxng-caddy
image: caddy:2-alpine
network_mode: host
restart: unless-stopped
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- ./caddy-data:/data:rw
- ./caddy-config:/config:rw
environment:
- SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME}
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
redis:
container_name: searxng-redis
image: valkey/valkey:8-alpine
command: valkey-server --save 30 1 --loglevel warning
restart: unless-stopped
networks:
- searxng
volumes:
- ./valkey-data2:/data
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
searxng:
container_name: searxng
image: searxng/searxng:latest
restart: unless-stopped
networks:
- searxng
ports:
- "127.0.0.1:8080:8080"
volumes:
- ./searxng:/etc/searxng:rw
- ./searxng-data:/var/cache/searxng:rw
environment:
- SEARXNG_BASE_URL=${SEARXNG_HOSTNAME}
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
networks:
searxng:说明:
使用caddy做反向代理
假设ip为192.168.186.128,caddy默认端口80,searxng默认端口8080
在浏览器访问192.168.186.128:80
如果将caddy端口改成3000,那么在浏览器访问192.168.186.128:3000创建并启动容器:
docker-compose up -d查看容器列表:
docker ps查看容器日志:
# Caddy容器:
docker logs -f searxng-caddy
# SearXNG容器:
docker logs -f searxng
# Valkey容器:
docker logs -f searxng-redis停止并销毁容器:
docker-compose down删除目录:
rm -rf ./caddy-data ./caddy-config ./valkey-data2 ./searxng-data3、浏览器访问
假设当前ip为192.168.186.128
浏览器访问:http://192.168.186.128:8080
4、详见
https://docs.searxng.org/
https://github.com/searxng/searxng
https://github.com/searxng/searxng-docker
https://mp.weixin.qq.com/s/04sosQUYlnabyC2fa-5PIA